Credit crunch is fueling data theft

From: http://www.thetechherald.com/article.php/200911/3206/ScanSafe-Credit-crunch-is-fueling-data-theft

ScanSafe, an SaaS security vendor based in London and San Francisco, has released its Annual Global Threat report. According to the stats collected from 240 billion Web requests in 2008, the credit crunch being felt all over the world is fueling a surge in Web-based attacks. The report details growth like no other, with attack vectors such as Iframe-related attacks jumping over 1000 percent.

ScanSafe used 240 billion Web requests from corporate customers, spread out over 80 countries, to track the data used in its report. According to the data, there was an explosive growth in Malware throughout 2008.

For example, 582 percent growth between like quarters in 2007 and 2008 and a 300 percent volume ratio increase from January 2008 through to December 2008. Exploits and Iframes were up 1731 percent in 2008, while data-theft Trojans increased by 1559 percent.

“We saw a continued acceleration of Web-delivered malware in 2008, reaching significant peaks in both October and November. The numbers are staggering,” said Mary Landesman, senior security researcher at ScanSafe.

“There is a high correlation of increased online crime with the decline in the global economy. It could be that the increasing levels of job loss and uncertainty are fueling the surge in criminal activity. It is also likely that cyber crime is proving to be a viable business opportunity in a climate where legitimate opportunities are becoming increasingly more limited.”

The credit crunch is fueling this growth, the report says, as 14 percent of all ScanSafe’s blocks were the result of encounters with data theft Trojans, compared to six percent in 2007. Towards the end of 2008, when the credit crunch was in full swing, the report details the largest growth in this category. Not only did October and November 2008 show the highest levels of blocks, but they also showed a heavy saturation of data theft Malware.

According to one section of the report, there was a change of intent in 2008. Criminals are now shifting their focus to the targeting and harvesting of sensitive data. Most of the Malware delivered through the Web provided remote customization and configurability, enabling attackers to target specific data and manage how that data is obtained.

For home users, the targets were game-related credentials and credit card numbers. For businesses, it was intellectual property and the potential to eavesdrop on all network transmissions via ARP poisoning or other man-in-the-middle attacks.

Trusted sites also posed a substantial risk. In April 2008, ScanSafe said it counted an excess of 780,000 malicious Web pages from only five vertical segments because of a single SQL injection attack.

“Today’s malware is all about stealing and harvesting data. Cyber criminals have moved away from defacing sites or merely designing malware as a prank and it is now created with commercial and criminal intent,” added Landesman. “Online crime has become a lucrative business and both commercial and personal data fetch a significant sum on black markets.”